Difference between revisions of "OPS335 NIS Lab"

NIS (Network Information Services)

NIS server is used to synchronize files between machines. In this lab you will set up your Fedora PC as both an NFS and NIS server. You will then use your VM's to serve as your NFS and NIS clients.

PART A: Setting up your NFS Server

Prerequisites
Before you begin make sure your Fedora 16 host and virtual machines are up to date (yum update).

Ensure both host and VM's have firewalls set up according to prior labs and all labs have been completed. Ensure you are using your learnid account (the first user created - this will be critical for success).

Ensure that your nfs server is running on the host and exporting the '/home' directory.

PART B: Setting up your NIS Server

• Install the NIS server and client onto your f16 host PC

 yum install ypserv ypbind

• Add the following line to the bottom of the file /etc/sysconfig/network

 NISDOMAIN="<learn-id>.org"
 YPSERV_ARGS="-p 783"

• Edit the file /etc/yp.conf and set up your domain:

 domain <learn-id>.org server 127.0.0.1

• Edit the file /etc/nsswitch.conf and add "nis" to three lines:

 passwd:     files nis
 shadow:     files nis
 group:      files nis

• Create the file /var/yp/securenets:

 host 127.0.0.1
 255.255.255.0   192.168.x.0

• Enable and start the NIS (ypserv) service.

systemctl start ypserv.service
systemctl enable ypserv.service

• Enable and start the NIS map transfer (ypxfrd) service.

systemctl start ypxfrd.service
systemctl enable ypxfrd.service

• Verify that your servers are running correctly with the following command (NFS, ypserv and fypxfrd) :

 rpcinfo -p

• Now change to directory /var/yp and run this command

 make

• Enable and start the NIS binding (ypbind) service.

systemctl start ypbind.service

• You may need to enable another boolean relating to NIS.

getsebool -a | grep yp

• Use the following command to verify your NIS server is working - you should see your learnid password record.

 ypcat passwd

• Add a new user named nis-user, with password "ops335".
• Run 'ypcat passwd' again.
• In order for the new user to show up you will need to recreate the map files- change directory to /var/yp and run the "make" command again.
• Now modify your firewall so that the VM's (client vm03 initially) will be able to access your NIS server. You will need to adjust your firewall - use netstat to determine what ports will be needed.

PART C: Adding VM03 to your NIS domain

• Ensure you are still mounting your home directory from the host machine using autofs. If not revisit last weeks lab.
• SSH to vm03 using two terminals, following your logs with one using

tail -f /varlog/messages

• Use the other to edit /etc/yp.conf adding the following line:

domain <learnid>.org server 192.168.x.1

• Now start the ypbind server with the command.

systemctl start ypbind.service

• Now when you run the following command you should be able to see the 'nis-user' entry added to the host machine. This is coming from NIS on the host and not the local machine.

ypcat passwd

• Logout of joker and login as clown on your VM. NOTE: You may have to login as "other" if clown's name does not show up on the login screen.

Completing the Lab

Answer the following questions.

1. What is your full name and 9-digit Seneca student ID?
2. What is the function of the /etc/nsswitch.conf file?
3. What is the purpose of the "-p" option to the rpcinfo command?
4. Explain, in your own words, what the "make" command did in PART B step 10.
5. Explain the syntax/meaning of the two records in the /var/yp/securenets file.
6. What was the output of the "ypcat passwd" command from PART D, step 5?
7. Explain, in your own words, the function of the portmapper service as seen in the "rpcinfo -p" command. Hint: Use Wikipedia.
8. What did your final firewall on the host look like. Use iptables-save.